Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
File:                     1K5pV43Ol3ozqindV8oZD6aHd_o.mft (raw, json)
Hash identifier:          jYlOwuN8d4DbJ9dGHxx9eTa8m7vi/OMBp7z2h58H6Bk=
Subject key identifier:   CC:87:4D:9A:EA:6F:A3:09:0E:56:00:03:62:28:A5:0E:DA:25:9D:CF
Authority key identifier: D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
Certificate issuer:       /CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Certificate serial:       0197B6A19126E6A171A6B7F1A097CE2748CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
Manifest number:          0C2B
Signing time:             Sat 28 Jun 2025 13:02:11 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:11 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:11 +0000
Files and hashes:         1: 1K5pV43Ol3ozqindV8oZD6aHd_o.crl (hash: QJOH8rWn0c+mNfKHvyBXk+oT+rQaZme7hgw7mDs3J18=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:91:26:e6:a1:71:a6:b7:f1:a0:97:ce:27:48:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
        Validity
            Not Before: Jun 28 13:02:11 2025 GMT
            Not After : Jun 29 13:02:11 2025 GMT
        Subject: CN=cc874d9aea6fa3090e5600036228a50eda259dcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1a:1c:78:f4:60:df:04:63:b3:c6:58:c0:c4:
                    cc:27:f7:9d:7b:0f:65:82:0c:34:91:91:38:c4:79:
                    05:04:b7:6c:2f:19:d5:ae:0f:2f:34:02:40:e0:4a:
                    3f:e0:01:d0:c2:93:72:2f:ff:2c:ff:a5:28:01:c9:
                    09:7d:61:6b:d7:63:bb:54:73:60:d5:9e:50:c0:97:
                    c6:1f:47:52:81:de:71:3b:86:d5:92:f5:d7:ea:81:
                    f3:15:92:e7:95:a5:35:0c:7a:87:c7:15:09:db:64:
                    9b:73:e0:af:f9:d2:0e:64:ad:e9:1a:fa:0d:a7:65:
                    e4:27:25:1f:93:92:d0:bc:20:da:38:83:30:1f:0a:
                    f5:10:b7:b6:f6:50:d7:a6:92:13:fd:71:70:91:6f:
                    5b:56:00:ee:42:a5:19:56:d1:1b:22:57:02:39:8d:
                    91:d3:a5:31:14:28:72:f3:08:5d:d8:c2:c3:58:d3:
                    f9:10:de:04:b4:88:eb:c7:cb:2a:b0:f7:a9:b4:27:
                    ec:94:77:6f:c1:af:86:c6:ab:b8:e2:79:03:fe:c5:
                    c6:83:5f:87:bb:4f:be:04:07:2a:53:c7:c1:27:d9:
                    9e:00:3d:1c:22:4f:10:05:97:27:1b:14:d9:d1:02:
                    ed:0e:43:97:0f:f3:b3:56:4e:99:96:d4:be:78:a5:
                    01:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:87:4D:9A:EA:6F:A3:09:0E:56:00:03:62:28:A5:0E:DA:25:9D:CF
            X509v3 Authority Key Identifier:
                keyid:D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:45:91:35:db:94:67:df:e0:8b:90:27:48:6f:aa:2b:d7:e8:
         5d:6a:92:49:3c:02:a5:5b:49:0a:60:12:e4:89:1e:a6:89:d4:
         06:56:65:90:ee:f0:97:00:9a:d2:69:e8:dc:d3:11:28:02:50:
         07:ca:b5:2e:63:26:cf:01:cc:5b:1e:8c:f9:9f:08:6f:08:93:
         db:5f:17:c7:1e:8b:c4:ae:7b:bc:1d:02:54:f7:0e:f1:31:a0:
         2c:ba:d2:cf:f4:4b:c7:36:c5:f6:20:9d:d2:45:48:96:7e:e8:
         ba:d9:45:1f:fe:76:1b:d3:8d:a6:b4:30:23:3b:f4:f1:01:7c:
         76:3c:29:68:ca:94:2b:94:89:88:78:80:fd:05:0d:c3:8c:50:
         36:28:16:03:f0:5d:71:e2:19:28:d9:0a:ff:e7:c5:32:2d:62:
         fa:5c:a6:98:67:61:85:b6:2b:45:1c:73:e0:94:31:e8:e2:2c:
         02:bc:e9:98:c4:f5:a1:50:42:dc:aa:01:9c:7d:ea:9a:04:7b:
         9b:15:1a:2f:26:f6:ae:51:1f:f8:25:44:bc:65:2b:1f:04:6f:
         cc:9d:ae:fc:4b:e5:62:96:81:4b:68:0f:c7:64:b6:33:4e:79:
         66:e9:b2:09:97:76:d4:e1:c0:7e:59:60:7c:f2:47:da:74:1f:
         d6:cf:61:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZEm5qFxprfxoJfOJ0jNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWU2OTU3OGRjZTk3N2EzM2FhMjlkZDU3Y2ExOTBmYTY4
Nzc3ZmEwHhcNMjUwNjI4MTMwMjExWhcNMjUwNjI5MTMwMjExWjAzMTEwLwYDVQQD
EyhjYzg3NGQ5YWVhNmZhMzA5MGU1NjAwMDM2MjI4YTUwZWRhMjU5ZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RocePRg3wRjs8ZYwMTMJ/edew9l
ggw0kZE4xHkFBLdsLxnVrg8vNAJA4Eo/4AHQwpNyL/8s/6UoAckJfWFr12O7VHNg
1Z5QwJfGH0dSgd5xO4bVkvXX6oHzFZLnlaU1DHqHxxUJ22Sbc+Cv+dIOZK3pGvoN
p2XkJyUfk5LQvCDaOIMwHwr1ELe29lDXppIT/XFwkW9bVgDuQqUZVtEbIlcCOY2R
06UxFChy8whd2MLDWNP5EN4EtIjrx8sqsPeptCfslHdvwa+Gxqu44nkD/sXGg1+H
u0++BAcqU8fBJ9meAD0cIk8QBZcnGxTZ0QLtDkOXD/OzVk6ZltS+eKUBcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyHTZrqb6MJDlYAA2IopQ7aJZ3PMB8GA1UdIwQY
MBaAFNSuaVeNzpd6M6op3VfKGQ+mh3f6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5Yjct
YjRmMjk3N2QxOTZiLzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5YjctYjRmMjk3N2QxOTZi
LzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEkWRNduU
Z9/gi5AnSG+qK9foXWqSSTwCpVtJCmAS5IkeponUBlZlkO7wlwCa0mno3NMRKAJQ
B8q1LmMmzwHMWx6M+Z8IbwiT218Xxx6LxK57vB0CVPcO8TGgLLrSz/RLxzbF9iCd
0kVIln7outlFH/52G9ONprQwIzv08QF8djwpaMqUK5SJiHiA/QUNw4xQNigWA/Bd
ceIZKNkK/+fFMi1i+lymmGdhhbYrRRxz4JQx6OIsArzpmMT1oVBC3KoBnH3qmgR7
mxUaLyb2rlEf+CVEvGUrHwRvzJ2u/EvlYpaBS2gPx2S2M055ZumyCZd21OHAfllg
fPJH2nQf1s9huw==
-----END CERTIFICATE-----